Incident Investigations and Response

TEXTBOOK DESCRIPTION

As organizations continue to rely on expanding infrastructure in an increasingly hostile threat landscape, the escalation of incidents involving malicious actors poses critical risks to information systems and networks. The ability to identify threats, respond to incidents, restore systems, and enhance security postures is vital to the survival of the operation. The Incident Investigations and Response textbook brings Incident Response core competencies to advanced levels by presenting students with 14 detailed chapters designed to align with multiple training formats.

Students will be provided with the knowledge and the practical skills needed to investigate and respond to network and system incidents. With a specific focus on the identification and remediation of incidents involving host and network devices, students will cover topics such as The Incident Response Life Cycle, Indicators of Compromise, Investigative Techniques, Threat Intelligence Collection, and Remediation Strategies. Immersive learning labs utilize a wide variety of critical industry tools and Wireshark network protocol analyzer software.

TEXTBOOK CHAPTERS

Chapter 01: The Incident Response and Attack Life Cycles
Chapter 02: Understanding the Modern Threat Landscape
Chapter 03: Creating an Effective Incident Response Capability
Chapter 04: Investigative Preparation and Implementation
Chapter 05: Vulnerability Assessment and Management
Chapter 06: Identifying Network and System Baselines
Chapter 07: Indicators of Compromise and Threat Identification
Chapter 08: Threat Intelligence Collection and Analysis
Chapter 09: Overview of Data Forensics and Analysis
Chapter 10: Host-Based Data Collection Practices
Chapter 11: Network-Based Data Collection Practices
Chapter 12: Static and Dynamic Malware Triage
Chapter 13: Containment, Remediation, and Eradication Strategies
Chapter 14: Reporting, Lessons Learned, and Testing Scenarios

INSTRUCTOR RESOURCES

Training institutions that adopt the Incident Investigations and Response textbook for use in their course curricula may request corresponding instructor resources at no additional cost. These resources include lecture presentation slides, question text banks for each of the 14 chapters, and lab resource guides. For more information please contact Phase2 Advantage.

ADA ACCESSIBLE COURSE MATERIALS

All Phase2 Advantage digital course materials - including textbooks, lab guides, and lecture slides in PDF and PPT formats - are ADA accessible and score 100% on major Learning Management Systems such as Moodle, Blackboard, Canvas, and LearnUpon. For more information, please visit the Phase2 Advantage website at phase2advantage/higher-education.

COURSE INFORMATION

https: //www.phase2advantage.com/online-courses